Russian Internet loses certificates: GlobalSign begins revocation

The Japanese certification authority GlobalSign has begun the process of revoking previously issued SSL certificates for Russian companies. This was reported by RBK, citing a letter sent to partners by Dmitry Ryzhikov, head of the company's Russian division. It is noted that new requirements from the CA/Browser Forum, which unites browser developers and certificate authorities, demand strict compliance with sanctions restrictions. This is reported by Ixbt.com reports .

SSL certificates provide HTTPS secure connections and verify site authenticity. As a result of their revocation, browsers like Google Chrome, Safari, and Firefox will display warnings that a site is unsafe or block access to the resource entirely. Experts believe that GlobalSign held nearly 90% of the commercial foreign certificate market in Russia.

The Russian Ministry of Digital Development recommends that users switch to state-issued free TLS certificates. However, these local certificates are not recognized by international browsers. This creates a risk of the Russian internet infrastructure becoming isolated from the outside world, splitting into internal and external contours.

Experts emphasize that the problem affects not only websites but also software designed for Windows, macOS, and iOS systems. Mobile applications using the Certificate Pinning mechanism are particularly vulnerable — once a certificate is revoked, communication between the app and the server may be completely severed until an update is released.

According to preliminary estimates, this process is expected to affect 15,000–20,000 second-level domains and hundreds of thousands of associated subdomains. This could lead to serious disruptions in the operation of many corporate systems and services in the Russian segment.